Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2017-03-15 CVE-2017-5537 Information Exposure vulnerability in Weblate
The password reset form in Weblate before 2.10.1 provides different error messages depending on whether the email address is associated with an account, which allows remote attackers to enumerate user accounts via a series of requests.
network
low complexity
weblate CWE-200
5.3
2017-03-15 CVE-2017-5496 Information Exposure vulnerability in Sawmill 8.7.9
Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of a password hash.
network
low complexity
sawmill CWE-200
critical
9.8
2017-03-15 CVE-2017-5583 Information Exposure vulnerability in Palo Alto Networks PAN-OS
The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to read arbitrary files via unspecified vectors.
network
low complexity
paloaltonetworks CWE-200
6.5
2017-03-14 CVE-2016-8016 Information Exposure vulnerability in McAfee VirusScan Enterprise
Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter.
network
low complexity
mcafee CWE-200
3.4
2017-03-14 CVE-2016-8747 Information Exposure vulnerability in Apache Tomcat
An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations.
network
low complexity
apache CWE-200
7.5
2017-03-14 CVE-2014-8688 Information Exposure vulnerability in Telegram Messenger 1.8.2/2.6
An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 for Android.
network
low complexity
telegram CWE-200
7.5
2017-03-13 CVE-2015-6671 Information Exposure vulnerability in edX edx-platform
Open edX edx-platform before 2015-08-25 requires use of the database for storage of SAML SSO secrets, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging access to a database backup.
network
high complexity
edx CWE-200
5.9
2017-03-13 CVE-2017-5674 Information Exposure vulnerability in Embedthis GoAhead
A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models allows an attacker to craft a malformed HTTP request ("GET system.ini HTTP/1.1\n\n"; note the lack of "/" in the path field of the request) that will disclose the configuration file with the login password.
network
low complexity
embedthis CWE-200
critical
9.8
2017-03-08 CVE-2016-5894 Information Exposure vulnerability in IBM WebSphere Commerce
IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is affected by an information disclosure vulnerability.
local
high complexity
ibm CWE-200
5.1
2017-03-08 CVE-2017-0537 Information Exposure vulnerability in Linux Kernel 3.18
An information disclosure vulnerability in the kernel USB gadget driver could enable a local malicious application to access data outside of its permission levels.
local
high complexity
linux CWE-200
4.7